feat(argo-cd): Add ability to create network policies (#800)
Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com>
This commit is contained in:
Marco Kilchhofer
GitHub
parent
9c69a87f67
commit
922799081d
10 changed files with 149 additions and 4 deletions
29
charts/argo-cd/templates/redis/networkpolicy.yaml
Normal file
29
charts/argo-cd/templates/redis/networkpolicy.yaml
Normal file
|
|
@ -0,0 +1,29 @@
|
|||
{{- $redisHa := (index .Values "redis-ha") -}}
|
||||
{{- if and .Values.global.networkPolicy.create .Values.redis.enabled (not $redisHa.enabled) }}
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: NetworkPolicy
|
||||
metadata:
|
||||
labels:
|
||||
{{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }}
|
||||
name: {{ template "argo-cd.redis.fullname" . }}
|
||||
spec:
|
||||
ingress:
|
||||
- from:
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
{{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 10 }}
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
{{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.repoServer.name) | nindent 10 }}
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
{{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 10 }}
|
||||
ports:
|
||||
- port: redis
|
||||
protocol: TCP
|
||||
podSelector:
|
||||
matchLabels:
|
||||
{{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.redis.name) | nindent 6 }}
|
||||
policyTypes:
|
||||
- Ingress
|
||||
{{- end }}
|
||||
Loading…
Add table
Add a link
Reference in a new issue